Contact-tracing apps are continuing to take shape around the world as the COVID-19 pandemic continues. Using privacy-by-design principles is critical to building trust in these apps, says privacy expert Ann Cavoukian.
Message to anyone who placed or fulfilled an order via the world's largest darknet market, Empire, in recent weeks: Say bye-bye to your cryptocurrency. It's increasingly clear that Empire's administrators "exit scammed," closing up shop and leaving with a horde of digital currency.
This ESG Technical Review documents ESG's evaluation and analysis of how HCL AppScan can help developers continuously secure applications using policies defined by security specialists. It also evaluates how AppScan can easily be integrated into CI/CD pipelines and support other aspects of DevSecOps initiatives to...
In application security testing, Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) are prominent techniques. However, Interactive Application Security Testing (IAST) is a promising new entrant in AST, helping to dramatically reduce false positives. This white paper provides a...
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?
The U.S. Justice Department has filed a civil forfeiture complaint in an effort to recover millions in cryptocurrency from 280 accounts that allegedly was stolen by North Korean hackers. Prosecutors believe much of the money was laundered through Chinese exchanges.
"Charming Kitten," a hacking group with ties to Iran, is now using LinkedIn and WhatsApp messages to contact potential victims and persuade them to visit a phishing page, according to ClearSky. The threat actors initially posed as journalists looking to contact sources.
The operators behind the "Lemon Duck" cryptominer have developed new techniques to better target enterprise-grade Linux systems, according to Sophos. In the latest cases, potential victims are spammed with COVID-19-themed emails.
U.S. agencies have issued a warning about increases in bank heists worldwide spearheaded by a hacking group called "BeagleBoyz," a subset of the Lazarus Group, which has ties to the North Korean government.
The Lazarus Group, which has ties to the North Korean government, recently targeted an employee of a cryptocurrency exchange with a fake job offer in order to plant malware and steal virtual currency, according to F-Secure.
A hack-for-hire campaign targeting an "international architectural and video production company" serving high-end real estate ventures likely involved corporate espionage driven by a developer eager for insider data, according to an analysis from security firm Bitdefender.
Developers and DevOps must become more agile, and application delivery controllers (ADCs) can serve as a catalyst for accomplishing this. ADCs allow application delivery services to be spun up and efficiently on demand - and use automation and intuitive user interfaces to open up their management to an array of...